function file_replace()
{
global $txpcfg, $extensions, $txp_user, $file_base_path;
extract($txpcfg);
$id = gps('id');
$rs = safe_row('filename', 'txp_file', "id='{$id}'");
if (!$rs) {
file_list(messenger(gTxt('invalid_id'), $id, ''));
return;
}
extract($rs);
$file = file_get_uploaded();
$name = file_get_uploaded_name();
if ($file === false) {
// could not get uploaded file
file_list(gTxt('file_upload_failed') . " {$name} " . upload_get_errormsg($_FILES['file']['error']));
return;
}
if (!$filename) {
file_list(gTxt('invalid_filename'));
} else {
$newpath = build_file_path($file_base_path, $filename);
if (is_file($newpath)) {
rename($newpath, $newpath . '.tmp');
}
if (!shift_uploaded_file($file, $newpath)) {
safe_delete("txp_file", "id='{$id}'");
file_list($newpath . sp . gTxt('upload_dir_perms'));
// rename tmp back
rename($newpath . '.tmp', $newpath);
// remove tmp upload
unlink($file);
} else {
file_set_perm($newpath);
file_edit(messenger('file', $name, 'uploaded'), $id);
// clean up old
if (is_file($newpath . '.tmp')) {
unlink($newpath . '.tmp');
}
}
}
}
function file_replace()
{
global $txpcfg, $extensions, $txp_user, $file_base_path;
extract($txpcfg);
$id = assert_int(gps('id'));
$rs = safe_row('filename', 'txp_file', "id = {$id}");
if (!$rs) {
file_list(messenger(gTxt('invalid_id'), $id, ''));
return;
}
extract($rs);
$file = file_get_uploaded();
$name = file_get_uploaded_name();
if ($file === false) {
// could not get uploaded file
file_list(gTxt('file_upload_failed') . " {$name} " . upload_get_errormsg($_FILES['thefile']['error']));
return;
}
if (!$filename) {
file_list(gTxt('invalid_filename'));
} else {
$newpath = build_file_path($file_base_path, $filename);
if (is_file($newpath)) {
rename($newpath, $newpath . '.tmp');
}
if (!shift_uploaded_file($file, $newpath)) {
safe_delete("txp_file", "id = {$id}");
file_list($newpath . sp . gTxt('upload_dir_perms'));
// rename tmp back
rename($newpath . '.tmp', $newpath);
// remove tmp upload
unlink($file);
} else {
file_set_perm($newpath);
if ($size = filesize($newpath)) {
safe_update('txp_file', 'size = ' . $size . ', modified = now()', 'id = ' . $id);
}
$message = gTxt('file_uploaded', array('{name}' => htmlspecialchars($name)));
file_edit($message, $id);
// clean up old
if (is_file($newpath . '.tmp')) {
unlink($newpath . '.tmp');
}
}
}
}
function file_replace()
{
global $txp_user, $file_base_path;
$id = assert_int(gps('id'));
$rs = safe_row('filename, author', 'txp_file', "id = {$id}");
if (!$rs) {
file_list(array(messenger(gTxt('invalid_id'), $id), E_ERROR));
return;
}
extract($rs);
$filename = sanitizeForFile($filename);
if (!has_privs('file.edit') && !($author === $txp_user && has_privs('file.edit.own'))) {
require_privs();
}
$file = file_get_uploaded();
$name = file_get_uploaded_name();
if ($file === false) {
// Could not get uploaded file.
file_list(array(gTxt('file_upload_failed') . " {$name} " . upload_get_errormsg($_FILES['thefile']['error']), E_ERROR));
return;
}
if (!$filename) {
file_list(array(gTxt('invalid_filename'), E_ERROR));
} else {
$newpath = build_file_path($file_base_path, $filename);
if (is_file($newpath)) {
rename($newpath, $newpath . '.tmp');
}
if (!shift_uploaded_file($file, $newpath)) {
safe_delete("txp_file", "id = {$id}");
file_list(array($newpath . sp . gTxt('upload_dir_perms'), E_ERROR));
// Rename tmp back.
rename($newpath . '.tmp', $newpath);
// Remove tmp upload.
unlink($file);
} else {
file_set_perm($newpath);
update_lastmod('file_replaced', compact('id', 'filename'));
if ($size = filesize($newpath)) {
safe_update('txp_file', 'size = ' . $size . ', modified = now()', 'id = ' . $id);
}
file_edit(gTxt('file_uploaded', array('{name}' => $name)), $id);
// Clean up old.
if (is_file($newpath . '.tmp')) {
unlink($newpath . '.tmp');
}
}
}
}
function thumbnail_insert_post()
{
global $img_dir;
$id = $this->psi('id');
$file = $_FILES['thefile']['tmp_name'];
$name = $_FILES['thefile']['name'];
$file = get_uploaded_file($file);
list(, , $extension) = @getimagesize($file);
if ($file !== false && $this->extensions[$extension]) {
$ext = $this->extensions[$extension];
$newpath = IMPATH . $id . 't' . $ext;
if (shift_uploaded_file($file, $newpath) == false) {
image_list($newpath . sp . gTxt('upload_dir_perms'));
} else {
chmod($newpath, 0644);
safe_update("txp_image", "thumbnail = 1", "id = {$id}");
update_lastmod();
$this->_message(gTxt('image_uploaded', array('{name}' => $name)));
$this->_set_view('edit', $id);
}
} else {
if ($file === false) {
$this->_error(upload_get_errormsg($_FILES['thefile']['error']));
$this->_set_view('edit', $id);
} else {
$this->_error(gTxt('only_graphic_files_allowed'));
$this->_set_view('edit', $id);
}
}
}
function image_data($file, $category = '', $id = '', $uploaded = true)
{
global $txpcfg, $extensions, $txp_user;
extract($txpcfg);
$name = $file['name'];
$error = $file['error'];
$file = $file['tmp_name'];
if ($uploaded) {
$file = get_uploaded_file($file);
}
list($w, $h, $extension) = getimagesize($file);
if ($file !== false && @$extensions[$extension]) {
$ext = $extensions[$extension];
$name = substr($name, 0, strrpos($name, '.'));
$name .= $ext;
$name2db = doSlash($name);
$q = "w = '{$w}',\n\t\t\t\t h = '{$h}',\n\t\t\t\t ext = '{$ext}',\n\t\t\t\t name = '{$name2db}',\n\t\t\t\t date = now(),\n\t\t\t\t caption = '',\n\t\t\t\t author = '{$txp_user}'";
if (empty($id)) {
$q .= ", category = '{$category}'";
$rs = safe_insert("txp_image", $q);
$id = mysql_insert_id();
} else {
$id = doSlash($id);
$rs = safe_update('txp_image', $q, "id = {$id}");
}
if (!$rs) {
return gTxt('image_save_error');
} else {
$newpath = IMPATH . $id . $ext;
if (shift_uploaded_file($file, $newpath) == false) {
safe_delete("txp_image", "id='{$id}'");
safe_alter("txp_image", "auto_increment={$id}");
return $newpath . sp . gTxt('upload_dir_perms');
} else {
chmod($newpath, 0755);
return array(messenger('image', $name, 'uploaded'), $id);
}
}
} else {
if ($file === false) {
return upload_get_errormsg($error);
} else {
return gTxt('only_graphic_files_allowed');
}
}
}
function thumbnail_insert()
{
global $txpcfg, $extensions, $txp_user, $img_dir, $path_to_site;
extract($txpcfg);
$id = assert_int(gps('id'));
$author = fetch('author', 'txp_image', 'id', $id);
if (!has_privs('image.edit') && !($author === $txp_user && has_privs('image.edit.own'))) {
image_list(gTxt('restricted_area'));
return;
}
$file = $_FILES['thefile']['tmp_name'];
$name = $_FILES['thefile']['name'];
$file = get_uploaded_file($file);
if (empty($file)) {
image_edit(array(upload_get_errormsg(UPLOAD_ERR_NO_FILE), E_ERROR), $id);
return;
}
list($w, $h, $extension) = getimagesize($file);
if ($file !== false && @$extensions[$extension]) {
$ext = $extensions[$extension];
$newpath = IMPATH . $id . 't' . $ext;
if (shift_uploaded_file($file, $newpath) == false) {
image_list(array($newpath . sp . gTxt('upload_dir_perms'), E_ERROR));
} else {
chmod($newpath, 0644);
safe_update("txp_image", "thumbnail = 1, thumb_w = {$w}, thumb_h = {$h}, date = now()", "id = {$id}");
$message = gTxt('image_uploaded', array('{name}' => $name));
update_lastmod();
image_edit($message, $id);
}
} else {
if ($file === false) {
image_list(array(upload_get_errormsg($_FILES['thefile']['error']), E_ERROR));
} else {
image_list(array(gTxt('only_graphic_files_allowed'), E_ERROR));
}
}
}
/**
* Uploads an image.
*
* Can be used to upload a new image or replace an existing one.
* If $id is specified, the image will be replaced. If $uploaded is set FALSE,
* $file can take a local file instead of HTTP file upload variable.
*
* All uploaded files will included on the Images panel.
*
* @param array $file HTTP file upload variables
* @param array $meta Image meta data, allowed keys 'caption', 'alt', 'category'
* @param int $id Existing image's ID
* @param bool $uploaded If FALSE, $file takes a filename instead of upload vars
* @return array|string An array of array(message, id) on success, localized error string on error
* @package Image
* @example
* print_r(image_data(
* $_FILES['myfile'],
* array(
* 'caption' => '',
* 'alt' => '',
* 'category' => '',
* )
* ));
*/
function image_data($file, $meta = array(), $id = 0, $uploaded = true)
{
global $txp_user, $event;
$name = $file['name'];
$error = $file['error'];
$file = $file['tmp_name'];
if ($uploaded) {
$file = get_uploaded_file($file);
if (get_pref('file_max_upload_size') < filesize($file)) {
unlink($file);
return upload_get_errormsg(UPLOAD_ERR_FORM_SIZE);
}
}
if (empty($file)) {
return upload_get_errormsg(UPLOAD_ERR_NO_FILE);
}
list($w, $h, $extension) = getimagesize($file);
$ext = get_safe_image_types($extension);
if (!$ext) {
return gTxt('only_graphic_files_allowed');
}
$name = substr($name, 0, strrpos($name, '.')) . $ext;
$safename = doSlash($name);
$meta = lAtts(array('category' => '', 'caption' => '', 'alt' => ''), (array) $meta, false);
extract(doSlash($meta));
$q = "\n name = '{$safename}',\n ext = '{$ext}',\n w = {$w},\n h = {$h},\n alt = '{$alt}',\n caption = '{$caption}',\n category = '{$category}',\n date = now(),\n author = '" . doSlash($txp_user) . "'\n ";
if (empty($id)) {
$rs = safe_insert('txp_image', $q);
if ($rs) {
$id = $GLOBALS['ID'] = $rs;
}
$update = false;
} else {
$id = assert_int($id);
$rs = safe_update('txp_image', $q, "id = {$id}");
$update = true;
}
if (!$rs) {
return gTxt('image_save_error');
}
$newpath = IMPATH . $id . $ext;
if (shift_uploaded_file($file, $newpath) == false) {
if (!$update) {
safe_delete('txp_image', "id = {$id}");
}
unset($GLOBALS['ID']);
return $newpath . sp . gTxt('upload_dir_perms');
}
@chmod($newpath, 0644);
// GD is supported
if (check_gd($ext)) {
// Auto-generate a thumbnail using the last settings
if (get_pref('thumb_w') > 0 || get_pref('thumb_h') > 0) {
$t = new txp_thumb($id);
$t->crop = (bool) get_pref('thumb_crop');
$t->hint = '0';
$t->width = (int) get_pref('thumb_w');
$t->height = (int) get_pref('thumb_h');
$t->write();
}
}
$message = gTxt('image_uploaded', array('{name}' => $name));
update_lastmod('image_uploaded', compact('id', 'name', 'ext', 'w', 'h', 'alt', 'caption', 'category', 'txpuser'));
// call post-upload plugins with new image's $id
callback_event('image_uploaded', $event, false, $id);
return array($message, $id);
}
function image_data($file, $meta = '', $id = '', $uploaded = true)
{
global $txpcfg, $extensions, $txp_user, $prefs, $file_max_upload_size, $event;
extract($txpcfg);
$name = $file['name'];
$error = $file['error'];
$file = $file['tmp_name'];
if ($uploaded) {
$file = get_uploaded_file($file);
if ($file_max_upload_size < filesize($file)) {
unlink($file);
return upload_get_errormsg(UPLOAD_ERR_FORM_SIZE);
}
}
if (empty($file)) {
return upload_get_errormsg(UPLOAD_ERR_NO_FILE);
}
list($w, $h, $extension) = getimagesize($file);
if ($file !== false && @$extensions[$extension]) {
$ext = $extensions[$extension];
$name = substr($name, 0, strrpos($name, '.')) . $ext;
$safename = doSlash($name);
if ($meta == false) {
$meta = array('category' => '', 'caption' => '', 'alt' => '');
}
extract(doSlash($meta));
$q = "\n\t\t\t\tname = '{$safename}',\n\t\t\t\text = '{$ext}',\n\t\t\t\tw = {$w},\n\t\t\t\th = {$h},\n\t\t\t\talt = '{$alt}',\n\t\t\t\tcaption = '{$caption}',\n\t\t\t\tcategory = '{$category}',\n\t\t\t\tdate = now(),\n\t\t\t\tauthor = '" . doSlash($txp_user) . "'\n\t\t\t";
if (empty($id)) {
$rs = safe_insert('txp_image', $q);
$id = $GLOBALS['ID'] = mysql_insert_id();
} else {
$id = assert_int($id);
$rs = safe_update('txp_image', $q, "id = {$id}");
}
if (!$rs) {
return gTxt('image_save_error');
} else {
$newpath = IMPATH . $id . $ext;
if (shift_uploaded_file($file, $newpath) == false) {
$id = assert_int($id);
safe_delete('txp_image', "id = {$id}");
safe_alter('txp_image', "auto_increment = {$id}");
if (isset($GLOBALS['ID'])) {
unset($GLOBALS['ID']);
}
return $newpath . sp . gTxt('upload_dir_perms');
} else {
@chmod($newpath, 0644);
// GD is supported
if (check_gd($ext)) {
// Auto-generate a thumbnail using the last settings
if (isset($prefs['thumb_w'], $prefs['thumb_h'], $prefs['thumb_crop'])) {
$width = intval($prefs['thumb_w']);
$height = intval($prefs['thumb_h']);
if ($width > 0 or $height > 0) {
$t = new txp_thumb($id);
$t->crop = $prefs['thumb_crop'] == '1';
$t->hint = '0';
$t->width = $width;
$t->height = $height;
$t->write();
}
}
}
$message = gTxt('image_uploaded', array('{name}' => $name));
update_lastmod();
// call post-upload plugins with new image's $id
callback_event('image_uploaded', $event, false, $id);
return array($message, $id);
}
}
} else {
if ($file === false) {
return upload_get_errormsg($error);
} else {
return gTxt('only_graphic_files_allowed');
}
}
}
function image_data($file, $meta = '', $id = '', $uploaded = true)
{
global $txpcfg, $txp_user, $prefs, $file_max_upload_size;
$extensions = array(0, '.gif', '.jpg', '.png', '.swf');
extract($txpcfg);
$name = $file['name'];
$error = $file['error'];
$file = $file['tmp_name'];
if ($uploaded) {
$file = get_uploaded_file($file);
if ($file_max_upload_size < filesize($file)) {
unlink($file);
return upload_get_errormsg(UPLOAD_ERR_FORM_SIZE);
}
}
list($w, $h, $extension) = @getimagesize($file);
if ($file !== false && @$extensions[$extension]) {
$ext = $extensions[$extension];
$name = doSlash(substr($name, 0, strrpos($name, '.')) . $ext);
if ($meta == false) {
$meta = array('category' => '', 'caption' => '', 'alt' => '');
}
extract(doSlash($meta));
$q = "\n\t\t\tname = '{$name}',\n\t\t\text = '{$ext}',\n\t\t\tw = {$w},\n\t\t\th = {$h},\n\t\t\talt = '{$alt}',\n\t\t\tcaption = '{$caption}',\n\t\t\tcategory = '{$category}',\n\t\t\tdate = now(),\n\t\t\tauthor = '{$txp_user}'\n\t\t";
if (empty($id)) {
$rs = safe_insert('txp_image', $q);
$id = $GLOBALS['ID'] = mysql_insert_id();
} else {
$id = assert_int($id);
$rs = safe_update('txp_image', $q, "id = {$id}");
}
if (!$rs) {
return gTxt('image_save_error');
} else {
$newpath = IMPATH . $id . $ext;
if (shift_uploaded_file($file, $newpath) == false) {
$id = assert_int($id);
safe_delete('txp_image', "id = {$id}");
safe_alter('txp_image', "auto_increment = {$id}");
if (isset($GLOBALS['ID'])) {
unset($GLOBALS['ID']);
}
return $newpath . sp . gTxt('upload_dir_perms');
} else {
@chmod($newpath, 0644);
// Auto-generate a thumbnail using the last settings
if (isset($prefs['thumb_w'], $prefs['thumb_h'], $prefs['thumb_crop'])) {
img_makethumb($id, $prefs['thumb_w'], $prefs['thumb_h'], $prefs['thumb_crop']);
}
update_lastmod();
$message = gTxt('image_uploaded', array('{name}' => $name));
return array($message, $id);
}
}
} else {
// missing or invalid file
if ($file === false) {
return upload_get_errormsg($error);
} else {
return gTxt('only_graphic_files_allowed');
}
}
}
function replace_post()
{
global $txpcfg, $extensions, $txp_user, $file_base_path;
extract($txpcfg);
$id = gps('id');
$rs = safe_row('filename', 'txp_file', "id='{$id}'");
if (!$rs) {
$this->_error(messenger(gTxt('invalid_id'), $id, ''));
return;
}
extract($rs);
$file = $this->file_get_uploaded();
$name = $this->file_get_uploaded_name();
if ($file === false) {
// could not get uploaded file
$this->_error(gTxt('file_upload_failed') . " {$name} " . upload_get_errormsg($_FILES['thefile']['error']));
return;
}
if (!$filename) {
$this->_error(gTxt('invalid_filename'));
} else {
$newpath = build_file_path($file_base_path, $filename);
if (is_file($newpath)) {
rename($newpath, $newpath . '.tmp');
}
if (!shift_uploaded_file($file, $newpath)) {
safe_delete("txp_file", "id='{$id}'");
$this->_error($newpath . sp . gTxt('upload_dir_perms'));
// rename tmp back
rename($newpath . '.tmp', $newpath);
// remove tmp upload
unlink($file);
} else {
$this->file_set_perm($newpath);
if ($size = filesize($newpath)) {
safe_update('txp_file', 'size = ' . $size . ', modified = now()', 'id = ' . $id);
}
$this->_message(messenger('file', $name, 'uploaded'));
$this->_set_view('edit', $id);
// clean up old
if (is_file($newpath . '.tmp')) {
unlink($newpath . '.tmp');
}
}
}
}
function thumbnail_insert()
{
global $txpcfg, $extensions, $txp_user, $img_dir, $path_to_site;
extract($txpcfg);
$id = gps('id');
$file = $_FILES['thefile']['tmp_name'];
$name = $_FILES['thefile']['name'];
$file = get_uploaded_file($file);
list(, , $extension) = getimagesize($file);
if ($file !== false && $extensions[$extension]) {
$ext = $extensions[$extension];
$newpath = IMPATH . $id . 't' . $ext;
if (shift_uploaded_file($file, $newpath) == false) {
image_list($newpath . sp . gTxt('upload_dir_perms'));
} else {
chmod($newpath, 0755);
safe_update("txp_image", "thumbnail='1'", "id='{$id}'");
image_edit(messenger('image', $name, 'uploaded'), $id);
}
} else {
if ($file === false) {
image_list(upload_get_errormsg($_FILES['thefile']['error']));
} else {
image_list(gTxt('only_graphic_files_allowed'));
}
}
}
